Hi FreeRDP Developers, I am currently working on network level authentication, and I was considering the addition of the X.509 ASN.1 module in the asn1c-generated code. In NLA, the last packet of the authentication sequence sent by the client is bundled with the encrypted public key from the original certificate sent by the server. However, the public key isn't really "just" the public key, it's the public key encapsulated into some other ASN.1 data structure. I looked at the patch submitted to rdesktop that uses libsamba, and the code "manually" adds the required encoding to the public key. I could hack something quickly to get a similar result, but I was thinking that having the X.509 module would be helpful for easier certificate parsing, such as in tls_verify. OpenSSL does parse the certificate for us, but being dependent on OpenSSL makes it harder to try to switch to another cryptographic library in the future.
The ASN.1 module is readily available here: http://www.itu.int/ITU-T/formal-language/itu-t/x/x509/2008/AuthenticationFramework.asn X.509 has more than one module: http://www.itu.int/ITU-T/recommendations/fl.aspx?lang=1&rec=509&module=&oid= The X.509 specification can be found here: http://www.itu.int/rec/T-REC-X.509-200508-I/en What do you think? Should we add the X.509 module, or should I manually do the encoding?
------------------------------------------------------------------------------ Oracle to DB2 Conversion Guide: Learn learn about native support for PL/SQL, new data types, scalar functions, improved concurrency, built-in packages, OCI, SQL*Plus, data movement tools, best practices and more. http://p.sf.net/sfu/oracle-sfdev2dev
_______________________________________________ Freerdp-devel mailing list Freerdp-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freerdp-devel